In one of my recent posts, I talked about how we did a Technical Surveillance Countermeasures (TSCM) sweep for spy listening devices in the offices of a business. We didn’t find any eavesdropping devices in their offices, but we did determine that one of the other businesses in the building was being bugged.
When we conducted the sweep and found nothing, that was a good thing. The business owner knew someone had learned something that was being held confidentially and was concerned. So he took the first logical step in his mind to find out if there were listening devices installed in the areas of the office where sensitive discussions were taking place. Eliminating eavesdropping devices from the options, he could move forward.
Automatically people suspect a wire tap or bug, when in reality, the leak could have occurred through other means, such as
- loose lips or
- garbology – dumpster diving.
Loose lips can be a malicious act, but is can also be inadvertent or the result of someone being flattered or threatened into divulging information. If someone involved in the discussions is not discreet about where and when they repeat confidential information their conversations could be overheard and conclusions – accurate or not – could be drawn. Educating employees and workers in the handling of confidential matters in correspondence and conversations can be a critical missing link in maintaining confidentiality of a business’s assets.
We use garbology to get information for clients by collecting trash and sorting through it for evidence and information. Bad guys can use it to get confidential information for their own uses just like we do, although we stay within the confines of the law and they may not. Again, company systems and policies can prevent confidential information from being made public. The routine shredding of documents – confidential or not – could prevent bad guys from finding anything in the trash.
The lesson here is that keeping your offices and environment free of bugs is important, but so is keeping information secure through processes like shredding and employee policy. Make security a regular routine in your business.
-T. Wilcox, CEO, International Investigators